1f2b12f7e7050565ff752742e166aab2d0677a453f7b53939dc4a329735d686d | Triage

Sharing

General

Target

1f2b12f7e7050565ff752742e166aab2d0677a453f7b53939dc4a329735d686d
Size

3.4MB
Sample

240915-pq23kavbpp
MD5

f74580d604cf8ab54b8b27adeb681f57
SHA1

81f11dab1750f880d605ff1c089ee26a8028808b
SHA256

1f2b12f7e7050565ff752742e166aab2d0677a453f7b53939dc4a329735d686d
SHA512

53356622a9f6af90d7da7be8bbe3fc43e6510bc3fcee18ecb7a2d08641e0d2a3e622f3dfd8c2d2010d7bd3e7d6e567db5096020c76c3cd121b39a57c21485c71
SSDEEP

98304:4mFMposalKt9FM1oFalKtxrFM3o9alKtvQXy7ZA6lpi:LFnrAt9FDEAtxrFJ8AtvQia6lQ

Score

6^/10

discovery linux

Malware Config

Targets

- Target
  
  modstartblog/8.6.0/scripts/init.sh
- Size
  
  44B
- MD5
  
  596f90ac49562a5e00575471e0668d9b
- SHA1
  
  74b873326ba6f640de3c2d878939db471f94b223
- SHA256
  
  c0786e7c5bab5cefbff87655c7e04b9932fa61a3c35e3087c3b009e13c4b6146
- SHA512
  
  02ed1607a37254319cb1a2c9aaf4abd5df30b9aa754c59fc562fbc26898cd4db7fa7804414f9b97b842d7b2690ab78074146e9a525da22415224a8ed4ece81ac
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  modstartcms/7.6.0/scripts/init.sh
- Size
  
  44B
- MD5
  
  596f90ac49562a5e00575471e0668d9b
- SHA1
  
  74b873326ba6f640de3c2d878939db471f94b223
- SHA256
  
  c0786e7c5bab5cefbff87655c7e04b9932fa61a3c35e3087c3b009e13c4b6146
- SHA512
  
  02ed1607a37254319cb1a2c9aaf4abd5df30b9aa754c59fc562fbc26898cd4db7fa7804414f9b97b842d7b2690ab78074146e9a525da22415224a8ed4ece81ac
Score

1^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  mosdns/5.3.3/data/update.sh
- Size
  
  1KB
- MD5
  
  1b16d6887779b0c6d79eb7e0fe29a04d
- SHA1
  
  83b3e07a07c5db496e1c018e14e4c12c415224c5
- SHA256
  
  01c28fce9462e16cedded3b49fbdb56b16817096a2b422369776a1bc708d23c2
- SHA512
  
  f3c8175236e976d8fbf672cf93019ed909a4e1b7ab2fdaa48a01859ea5ee69cc46b463b3a691883c138b8f01d472300a238dea72d17f71834cf34b8ba71a0b46
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  mosdns/latest/data/update.sh
- Size
  
  1KB
- MD5
  
  1b16d6887779b0c6d79eb7e0fe29a04d
- SHA1
  
  83b3e07a07c5db496e1c018e14e4c12c415224c5
- SHA256
  
  01c28fce9462e16cedded3b49fbdb56b16817096a2b422369776a1bc708d23c2
- SHA512
  
  f3c8175236e976d8fbf672cf93019ed909a4e1b7ab2fdaa48a01859ea5ee69cc46b463b3a691883c138b8f01d472300a238dea72d17f71834cf34b8ba71a0b46
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  mosdns/static-latest/data/update.sh
- Size
  
  1KB
- MD5
  
  1b16d6887779b0c6d79eb7e0fe29a04d
- SHA1
  
  83b3e07a07c5db496e1c018e14e4c12c415224c5
- SHA256
  
  01c28fce9462e16cedded3b49fbdb56b16817096a2b422369776a1bc708d23c2
- SHA512
  
  f3c8175236e976d8fbf672cf93019ed909a4e1b7ab2fdaa48a01859ea5ee69cc46b463b3a691883c138b8f01d472300a238dea72d17f71834cf34b8ba71a0b46
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  naxsi/1.0.0/scripts/init.sh
- Size
  
  48B
- MD5
  
  8db6b8b231663ef0372ffa34e9962109
- SHA1
  
  63959f8a54d53cf484f4dd1b716530130a477126
- SHA256
  
  2b50631c9392a0609825b45a76d07be2d5a0e0e85e50cca951eaeb43f18c19a6
- SHA512
  
  bf51b2d59ec0db60342d9f85b552d77f0b7f27bd33bf1402014ecbfb8228482dcf1db268eb24764de01be59791633b0a873923f884da9af4b6219d64734b98eb
Score

1^/10
behavioral21 behavioral22 behavioral23 behavioral24
- Target
  
  naxsi/1.0.0/scripts/uninstall.sh
- Size
  
  53B
- MD5
  
  34ec438588da66561c9c5085426fe3c6
- SHA1
  
  823b17d8834731f75595555f87e0136e62c175fb
- SHA256
  
  c38065b555dc7b1e0d962624d6f82377e4b77d9289fc2317994620269d6a3851
- SHA512
  
  cea7de54db70d9f6381ff721d2d259e5bdc837136712daef0aea95b87b75fe9a1f51402455c9674bc1f8e542c9ef7797e8866e6bcb201aa53fa4cba2749e2974
Score

1^/10
behavioral25 behavioral26 behavioral27 behavioral28
- Target
  
  naxsi/1.0.0/scripts/upgrade.sh
- Size
  
  51B
- MD5
  
  f9a3254e3936fbf73791df1a25bb3788
- SHA1
  
  000f5865d69609253a710333701e2e1c8f05667b
- SHA256
  
  75871f3f4c81292c5252a92f8662105685fc6b6ff8c4920ad0f167ed6ef0d564
- SHA512
  
  361d2be8d971cc9bf984235c80d029e0a4a6e75e4df0645a437a6a53ddc1b8bfaede4336a8e56126e358370bc26153dd2c567381ba550d1bc0f52cebf70b1228
Score

1^/10
behavioral29 behavioral30 behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32